{"id":166,"date":"2012-10-22T09:41:00","date_gmt":"2012-10-22T09:41:00","guid":{"rendered":"http:\/\/marcbook.local\/wds\/playground\/cybertrust\/2012\/10\/22\/microsoft-free-security-tools-microsoft-baseline-security-analyzer\/"},"modified":"2023-05-15T23:05:33","modified_gmt":"2023-05-16T06:05:33","slug":"microsoft-free-security-tools-microsoft-baseline-security-analyzer","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2012\/10\/22\/microsoft-free-security-tools-microsoft-baseline-security-analyzer\/","title":{"rendered":"Microsoft Free Security Tools \u2013 Microsoft Baseline Security Analyzer"},"content":{"rendered":"

This article in our series on Microsoft’s free security tools is focused on a tool called the Microsoft Baseline Security Analyzer (MBSA). Many years ago, before Windows Update was available, servicing software was much more painful than it is today. Microsoft released security updates weekly, and there were few deployment technologies available to help determine which systems needed which updates. For those IT administrators who lived through those days, the MBSA was a godsend. Today, 10 years later, the MBSA is still a free security tool that many, many IT Professionals use to help manage the security of their environments.

The MBSA is an easy-to-use tool designed for IT professionals. It helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations, and it offers specific remediation guidance. It is a standalone security and vulnerability scanner designed to provide a streamlined method for identifying common security misconfigurations and missing security updates. MBSA is used by many leading third-party security vendors and security auditors and, on average, scans over 3 million computers each week.

The MBSA provides built-in checks to determine whether Windows administrative vulnerabilities are present, whether weak passwords are being used on Windows accounts, whether known IIS and SQL administrative vulnerabilities are present, and which security updates are required on each individual system. The MBSA provides dynamic assessment of missing security updates. The MBSA can scan one or more computers by domain, IP address range or other grouping. Once complete, the MBSA provides a detailed report and instructions on how to help turn your system into a more secure working environment. The MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.

To use the MBSA tool, users will need either Windows Server 2008 R2, Windows 7, Server 2003, Server 2008, Vista, XP or Windows 2000 and will need administrator privileges sufficient to scan the target computers.

After installing MBSA and running the tool, users are taken to the screen seen below which provides quick access to three different sides of the application. Users can scan a computer using its name or IP address, scan multiple computers within a domain name or a range of IP addresses, or view existing security scan reports. There are even more options available through the command-line interface to support scripting and fine-tuned control over MBSA’s scanning and reporting features.

From the MBSA scan menu, users have the option to select some or all of the following, which are all checked by default:
• Windows administrative vulnerabilities: the MBSA checks for Windows account-related issues, such as an open Guest account or too many administrative accounts. It also looks at the number of file shares and the PC’s file system to make sure you’re using NTFS instead of FAT for better security.